package com.qhit.config.shiro.realms;

import com.qhit.pojo.Permission;
import com.qhit.pojo.Role;
import com.qhit.pojo.User;
import com.qhit.service.PermissionService;
import com.qhit.service.RoleService;
import com.qhit.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.List;
import java.util.UUID;

@Component
public class MyRealms extends AuthorizingRealm {
    @Autowired
    private UserService userService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private PermissionService permissionService;

    //授权的时候会执行--给当前登录的用户赋予角色和权限
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //封装用户的角色和权限的信息
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //角色集合和权限集合
        HashSet<String> roles = new HashSet();
        HashSet<String> pers = new HashSet();
        //获取用户名
        User u=(User) principalCollection.getPrimaryPrincipal();
//        if ("1".equals(u.getIsadmin())){//判断是否是超级管理员
//            pers.add("*:*");
//            roles.add("*");
//            simpleAuthorizationInfo.setStringPermissions(pers);
//            simpleAuthorizationInfo.setRoles(roles);
//            return simpleAuthorizationInfo;
//        }
        //根据用户名 获取用户信息
//        User u =userService.getUserByName(username);




        //根据用户id，获取角色
        List<Role> roleList=roleService.getRolesByUserId(u.getId());
        for (int i = 0; i < roleList.size(); i++) {
            roles.add(roleList.get(i).getRoleName());
            //根据角色id，获取权限
            List<Permission> permissionList=permissionService.getPermissionsByRoleId(roleList.get(i).getId());
            for (int j = 0; j < permissionList.size(); j++) {
                pers.add(permissionList.get(j).getPermissionName());
            }
        }

        simpleAuthorizationInfo.setRoles(roles);
        simpleAuthorizationInfo.setStringPermissions(pers);
        return simpleAuthorizationInfo;
    }

    //认证的时候会执行
    //通过SecurityManager 提供token里的用户信息 从数据库里面查询 用户 然后将用户的信息封装到 AuthenticationInfo 返回
    //SecurityManager 会将AuthenticationInfo和AuthenticationToken 进行比较，然后判定是否登录成功
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (authenticationToken.getPrincipal()==null||"".equals(authenticationToken.getPrincipal())){
            return null;
        }
        //获取用户名
        String userName = (String) authenticationToken.getPrincipal();
        //通过用户名，获取数据库里面的用户信息
        User u= (User) userService.getUserByName(userName);
        if (u==null){
            return null;
        }
        ByteSource bytes = ByteSource.Util.bytes(u.getSalt());
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(u,u.getPassword(),bytes,getName());
        return simpleAuthenticationInfo;
    }

    public static void main(String[] args) {
        String s = UUID.randomUUID().toString();
        System.out.println(s);
        //专门处理加密的一个类
        //1.加密的算法 DESC MD5 SHAI
        //2.我们需要加密的一个明文
        //3.盐-作料--为了给密码的破解增加难度的 一般来说直接取uuid
        //4.迭代次数-为了给密码的破解增加难度
        SimpleHash simpleHash = new SimpleHash("MD5","123456",s,1024);
        System.out.println(simpleHash.toString());
    }

    @Override
    public boolean hasRole(PrincipalCollection principal, String roleIdentifier) {
        User u=(User) principal.getPrimaryPrincipal();

        return "1".equals(u.getIsadmin())||super.hasRole(principal, roleIdentifier);
    }

    @Override
    public boolean isPermitted(PrincipalCollection principals, String permission) {
        User u=(User) principals.getPrimaryPrincipal();
        return "1".equals(u.getIsadmin())||super.isPermitted(principals, permission);
    }
}
